Skip to content

Instantly share code, notes, and snippets.

@dreamcat4

dreamcat4/qjail.diff

Last active August 29, 2015 13:57
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save dreamcat4/9920738 to your computer and use it in GitHub Desktop.
Save dreamcat4/9920738 to your computer and use it in GitHub Desktop.
Download ZIP
Various Qjail patches. Based on qjail v3.2 file.
Raw
qjail.diff
53c53
< syntax_create="Syntax: qjail create [-z zone] [-n value] [-a archive] [-f flavor] [-c]\n\
---
> syntax_create="Syntax: qjail create [-z zone] [-m] [-n value] [-a archive] [-f flavor] [-c]\n\
118a119,120
> # Strip any embedded leading / trailing "<if_device>|" and "/<netmask>" components
> entered_ip="${entered_ip#*|}"; entered_ip="${entered_ip%/*}"
134a137,138
> # Strip any embedded leading / trailing "<if_device>|" and "/<netmask>" components
> used_ip="${used_ip#*|}"; used_ip="${used_ip%/*}"
194a199,200
> # Strip any embedded leading / trailing "<if_device>|" and "/<netmask>" components
> entered_ip="${entered_ip#*|}"; entered_ip="${entered_ip%/*}"
210a217,218
> # Strip any embedded leading / trailing "<if_device>|" and "/<netmask>" components
> used_ip="${used_ip#*|}"; used_ip="${used_ip%/*}"
565c573
< shift; while getopts f:a:n:d:i:z:4:6:c arg; do case ${arg} in
---
> shift; while getopts f:a:m:n:d:i:z:4:6:c arg; do case ${arg} in
567a576
> m) manual_network_definition="YES";;
615,620c624,652
< # Verify the entered interface device name really exists.
< if [ "${nic_devicename}" ]; then
< nic_name=`ifconfig | grep -m 1 ${nic_devicename} | cut -f 1 -d :`
< [ -z ${nic_name} ] \
< && kill "Entered -n interface device name is not valid."
< fi
---
> # Check for empty fields "|<ip>" and "<ip>/" within the ip.addr. They are not allowed (jail will fail to start).
> [ "$(echo ",$ip4, && ,$ip6," | grep ",|\|/,")" ] \
> && kill "Bad -4 or -6 syntax. An ip address cannot have empty \"<iface>|\" or \"/<subnet>\" fields embedded within it."
>
> # Create a merged list of all interfaces. Duplicates don't need to be checked twice, so are discarded.
> interfaces="$(echo ",$nic_devicename| && ,$ip4 && ,$ip6" | grep -o ",[[:alnum:]]\+|" | sed 's/[,|]//g' | sort -u)"
>
> # Verify each of the entered interface(s) exist.
> for iface in $interfaces; do
> [ -z "$(ifconfig | grep -m 1 ${iface} | cut -f 1 -d :)" ] \
> && kill "The interface name \"$iface\" is not a valid / recognised ifconfig device on this machine."
> done
>
> # Do not auto-set the NIC field if there are any embedded "<nic>|" devices within the ip address string.
> [ "$(echo "$ip4 && $ip6" | grep "|")" ] && manual_network_definition="1"
>
> if [ -z "$nic_devicename" -a -z "$manual_network_definition" ]; then
> # when no "-n <nic-devicename>", no "|" embedded iface in ip.addr, and no "-m" manual network definition
>
> if [ "$ip4" ]; then
> # get the nic device name from the ipv4 default route (or "" if the default route is not set)
> nic_devicename="$(route get -inet default 2> /dev/null | grep -o "interface.*" | cut -d ' ' -f 2)"
> fi
>
> if [ -z "$nic_devicename" -a -n "$ip6" ]; then
> # get the nic device name from the ipv6 default route (or "" if the default route is not set)
> nic_devicename="$(route get -inet6 default 2> /dev/null | grep -o "interface.*" | cut -d ' ' -f 2)"
> fi
> fi
1305c1337
< temp_ips="none"
---
> temp_ips="-"
1329a1362,1376
> # print_ips (plural) aught to be renamed to "print_ip" (singular)
>
> # Print the NIC column correctly for the new embedded format "<iface>|<ip>"
> # Determine which NIC to display allongside each IP address.
>
> # -n "<iface>" setting is still valid. But takes lower priority than the embedded format.
> print_nic="${nic_devicename}"
>
> # If the device name prefix string "<iface>|"<ip> is explicitly embedded into this ip address
> if [ "$(echo "$print_ips" | grep "|")" ]; then
> # Then move the leading "<iface>" component over into the NIC field
> print_nic="${print_ips%|*}"
> print_ips="${print_ips#*|}" # rather than show it inside the IP address column
> fi
>
1331,1332c1378,1379
< printf "%-3s %-4s %-3s %-15s %s\\n" "${state}" "${jid:-N/A}" "${print_nic}" "${print_ips}" "${jailname}"
< log_record=`printf "%-3s %-4s %-3s %-15s %s\\n" "${state}" "${jid:-N/A}" "${print_nic}" "${print_ips}" "${jailname}"`
---
> printf "%-3s %-4s %-3s %-15s %s\\n" "${state}" "${jid:--}" "${print_nic:--}" "${print_ips}" "${jailname}"
> log_record=`printf "%-3s %-4s %-3s %-15s %s\\n" "${state}" "${jid:--}" "${print_nic:--}" "${print_ips}" "${jailname}"`
1334d1380
< else
1336,1337c1382,1384
< printf " %-4s %s\\n" "${jid}" " ${print_ips}"
< log_record=`printf " %-4s %s\\n" "${jid}" " ${print_ips}"`
---
> else
> printf " %-3s %s\\n" "${print_nic:--}" "${print_ips}"
> log_record=`printf " %-3s %s\\n" "${print_nic:--}" "${print_ips}"`
2971a3019,3032
> # Check for empty fields "|<ip>" and "<ip>/" within the ip.addr. They are not allowed (jail will fail to start).
> [ "$(echo ",$new_ip4, && ,$new_ip6," | grep ",|\|/,")" ] \
> && kill "Bad -4 or -6 syntax. An ip address cannot have empty \"<iface>|\" or \"/<subnet>\" fields embedded within it."
>
> # Create a merged list of all interfaces. Duplicates don't need to be checked twice, so are discarded.
> [ "$new_nic" = "null" ] || verify_new_nic="$new_nic"
> interfaces="$(echo ",$verify_new_nic| && ,$new_ip4 && ,$new_ip6" | grep -o ",[[:alnum:]]\+|" | sed 's/[,|]//g' | sort -u)"
>
> # Verify each of the entered interface(s) exist.
> for iface in $interfaces; do
> [ -z "$(ifconfig | grep -m 1 ${iface} | cut -f 1 -d :)" ] \
> && kill "The interface name \"$iface\" is not a valid / recognised ifconfig device on this machine."
> done
>
Raw
qjail.git.diff
diff --git a/qjail b/qjail
index 8567234..b43bd08 100755
--- a/qjail
+++ b/qjail
@@ -50,7 +50,7 @@ Syntax: qjail [install|create|list|start|stop|restart|console|archive|\n\
delete|restore|config|update|logmsg|help] {parameters}"
syntax_install="Syntax: qjail install [-z zone] [-h ftp host] [-f file location] [-l]"
-syntax_create="Syntax: qjail create [-z zone] [-n value] [-a archive] [-f flavor] [-c]\n\
+syntax_create="Syntax: qjail create [-z zone] [-m] [-n value] [-a archive] [-f flavor] [-c]\n\
[-i size] [-d duplicate#] [-4 IPv4...] [-6 IPv6...]\n\
jailname"
syntax_list="Syntax: qjail list [-z zone] [jailname...]"
@@ -116,6 +116,8 @@ verify_ip4 () {
# loop through the list of ip addresses from the input
for entered_ip in ${entered_ip_list}; do
+ # Strip any embedded leading / trailing "<if_device>|" and "/<netmask>" components
+ entered_ip="${entered_ip#*|}"; entered_ip="${entered_ip%/*}"
# Loop through the list of jail names from global definition directory.
for jailname in ${global_jailname_list}; do
@@ -132,6 +134,8 @@ verify_ip4 () {
existing_jail_ip_list=`echo -n "${ip4}" | tr ',' ' '`
for used_ip in ${existing_jail_ip_list}; do
+ # Strip any embedded leading / trailing "<if_device>|" and "/<netmask>" components
+ used_ip="${used_ip#*|}"; used_ip="${used_ip%/*}"
if [ "${entered_ip}" = "${used_ip}" ]; then
post_msg "Warning: Existing jail ${jailname} is already assigned IP address ${entered_ip}"
@@ -192,6 +196,8 @@ verify_ip6 () {
# loop through the list of ip addresses from the input
for entered_ip in ${entered_ip_list}; do
+ # Strip any embedded leading / trailing "<if_device>|" and "/<netmask>" components
+ entered_ip="${entered_ip#*|}"; entered_ip="${entered_ip%/*}"
# Loop through the list of jail names from global definition directory.
for jailname in ${global_jailname_list}; do
@@ -208,6 +214,8 @@ verify_ip6 () {
existing_jail_ip_list=`echo -n "${ip6}" | tr ',' ' '`
for used_ip in ${existing_jail_ip_list}; do
+ # Strip any embedded leading / trailing "<if_device>|" and "/<netmask>" components
+ used_ip="${used_ip#*|}"; used_ip="${used_ip%/*}"
if [ "${entered_ip}" = "${used_ip}" ]; then
post_msg "Warning: Existing jail ${jailname} is already assigned IP address ${entered_ip}"
@@ -562,9 +570,10 @@ create () {
duplicate_count=000
- shift; while getopts f:a:n:d:i:z:4:6:c arg; do case ${arg} in
+ shift; while getopts f:a:m:n:d:i:z:4:6:c arg; do case ${arg} in
f) flavor=${OPTARG};;
a) fromarchive=${OPTARG};;
+ m) manual_network_definition="YES";;
n) nic_devicename=${OPTARG};;
d) duplicate_times=${OPTARG};;
i) imagesize=${OPTARG}; create_image="YES";;
@@ -612,12 +621,35 @@ create () {
kill "Numeric jail names are invalid. Jail name ${jailname}"
fi
- # Verify the entered interface device name really exists.
- if [ "${nic_devicename}" ]; then
- nic_name=`ifconfig | grep -m 1 ${nic_devicename} | cut -f 1 -d :`
- [ -z ${nic_name} ] \
- && kill "Entered -n interface device name is not valid."
- fi
+ # Check for empty fields "|<ip>" and "<ip>/" within the ip.addr. They are not allowed (jail will fail to start).
+ [ "$(echo ",$ip4, && ,$ip6," | grep ",|\|/,")" ] \
+ && kill "Bad -4 or -6 syntax. An ip address cannot have empty \"<iface>|\" or \"/<subnet>\" fields embedded within it."
+
+ # Create a merged list of all interfaces. Duplicates don't need to be checked twice, so are discarded.
+ interfaces="$(echo ",$nic_devicename| && ,$ip4 && ,$ip6" | grep -o ",[[:alnum:]]\+|" | sed 's/[,|]//g' | sort -u)"
+
+ # Verify each of the entered interface(s) exist.
+ for iface in $interfaces; do
+ [ -z "$(ifconfig | grep -m 1 ${iface} | cut -f 1 -d :)" ] \
+ && kill "The interface name \"$iface\" is not a valid / recognised ifconfig device on this machine."
+ done
+
+ # Do not auto-set the NIC field if there are any embedded "<nic>|" devices within the ip address string.
+ [ "$(echo "$ip4 && $ip6" | grep "|")" ] && manual_network_definition="1"
+
+ if [ -z "$nic_devicename" -a -z "$manual_network_definition" ]; then
+ # when no "-n <nic-devicename>", no "|" embedded iface in ip.addr, and no "-m" manual network definition
+
+ if [ "$ip4" ]; then
+ # get the nic device name from the ipv4 default route (or "" if the default route is not set)
+ nic_devicename="$(route get -inet default 2> /dev/null | grep -o "interface.*" | cut -d ' ' -f 2)"
+ fi
+
+ if [ -z "$nic_devicename" -a -n "$ip6" ]; then
+ # get the nic device name from the ipv6 default route (or "" if the default route is not set)
+ nic_devicename="$(route get -inet6 default 2> /dev/null | grep -o "interface.*" | cut -d ' ' -f 2)"
+ fi
+ fi
# Check that -c and -f ssh-default are not coded at same time.
[ "${flavor}" = "ssh-default" -a -n "${create_ssh}" ] \
@@ -1302,7 +1334,7 @@ list () {
temp_ips="vnet|${vnet}"
print_nic="${vnet_interface}"
else
- temp_ips="none"
+ temp_ips="-"
fi
else
if [ -n "${ip4}" ]; then
@@ -1327,14 +1359,29 @@ list () {
unset multiple_ip
for print_ips in ${temp_ips}; do
+ # print_ips (plural) aught to be renamed to "print_ip" (singular)
+
+ # Print the NIC column correctly for the new embedded format "<iface>|<ip>"
+ # Determine which NIC to display allongside each IP address.
+
+ # -n "<iface>" setting is still valid. But takes lower priority than the embedded format.
+ print_nic="${nic_devicename}"
+
+ # If the device name prefix string "<iface>|"<ip> is explicitly embedded into this ip address
+ if [ "$(echo "$print_ips" | grep "|")" ]; then
+ # Then move the leading "<iface>" component over into the NIC field
+ print_nic="${print_ips%|*}"
+ print_ips="${print_ips#*|}" # rather than show it inside the IP address column
+ fi
+
if [ -z "${multiple_ip}" ]; then
- printf "%-3s %-4s %-3s %-15s %s\\n" "${state}" "${jid:-N/A}" "${print_nic}" "${print_ips}" "${jailname}"
- log_record=`printf "%-3s %-4s %-3s %-15s %s\\n" "${state}" "${jid:-N/A}" "${print_nic}" "${print_ips}" "${jailname}"`
+ printf "%-3s %-4s %-3s %-15s %s\\n" "${state}" "${jid:--}" "${print_nic:--}" "${print_ips}" "${jailname}"
+ log_record=`printf "%-3s %-4s %-3s %-15s %s\\n" "${state}" "${jid:--}" "${print_nic:--}" "${print_ips}" "${jailname}"`
multiple_ip=yes
- else
unset jid
- printf " %-4s %s\\n" "${jid}" " ${print_ips}"
- log_record=`printf " %-4s %s\\n" "${jid}" " ${print_ips}"`
+ else
+ printf " %-3s %s\\n" "${print_nic:--}" "${print_ips}"
+ log_record=`printf " %-3s %s\\n" "${print_nic:--}" "${print_ips}"`
fi
if [ -f "${log}" ]; then
@@ -2969,6 +3016,20 @@ config () {
[ -n "${vnet}" ] && \
kill "Error: IP address invalid for vnet Jails. ${jailname}"
+ # Check for empty fields "|<ip>" and "<ip>/" within the ip.addr. They are not allowed (jail will fail to start).
+ [ "$(echo ",$new_ip4, && ,$new_ip6," | grep ",|\|/,")" ] \
+ && kill "Bad -4 or -6 syntax. An ip address cannot have empty \"<iface>|\" or \"/<subnet>\" fields embedded within it."
+
+ # Create a merged list of all interfaces. Duplicates don't need to be checked twice, so are discarded.
+ [ "$new_nic" = "null" ] || verify_new_nic="$new_nic"
+ interfaces="$(echo ",$verify_new_nic| && ,$new_ip4 && ,$new_ip6" | grep -o ",[[:alnum:]]\+|" | sed 's/[,|]//g' | sort -u)"
+
+ # Verify each of the entered interface(s) exist.
+ for iface in $interfaces; do
+ [ -z "$(ifconfig | grep -m 1 ${iface} | cut -f 1 -d :)" ] \
+ && kill "The interface name \"$iface\" is not a valid / recognised ifconfig device on this machine."
+ done
+
if [ "${new_ip4}" ]; then
if [ "${new_ip4}" = "null" ]; then
unset ip4
Raw
qjail.patch
*** a/usr/local/bin/qjail 2014-04-01 20:04:45.000000000 +0100
--- b/usr/local/bin/qjail 2014-04-01 20:04:54.000000000 +0100
***************
*** 50,56 ****
delete|restore|config|update|logmsg|help] {parameters}"
syntax_install="Syntax: qjail install [-z zone] [-h ftp host] [-f file location] [-l]"
! syntax_create="Syntax: qjail create [-z zone] [-n value] [-a archive] [-f flavor] [-c]\n\
[-i size] [-d duplicate#] [-4 IPv4...] [-6 IPv6...]\n\
jailname"
syntax_list="Syntax: qjail list [-z zone] [jailname...]"
--- 50,56 ----
delete|restore|config|update|logmsg|help] {parameters}"
syntax_install="Syntax: qjail install [-z zone] [-h ftp host] [-f file location] [-l]"
! syntax_create="Syntax: qjail create [-z zone] [-m] [-n value] [-a archive] [-f flavor] [-c]\n\
[-i size] [-d duplicate#] [-4 IPv4...] [-6 IPv6...]\n\
jailname"
syntax_list="Syntax: qjail list [-z zone] [jailname...]"
***************
*** 116,121 ****
--- 116,123 ----
# loop through the list of ip addresses from the input
for entered_ip in ${entered_ip_list}; do
+ # Strip any embedded leading / trailing "<if_device>|" and "/<netmask>" components
+ entered_ip="${entered_ip#*|}"; entered_ip="${entered_ip%/*}"
# Loop through the list of jail names from global definition directory.
for jailname in ${global_jailname_list}; do
***************
*** 132,137 ****
--- 134,141 ----
existing_jail_ip_list=`echo -n "${ip4}" | tr ',' ' '`
for used_ip in ${existing_jail_ip_list}; do
+ # Strip any embedded leading / trailing "<if_device>|" and "/<netmask>" components
+ used_ip="${used_ip#*|}"; used_ip="${used_ip%/*}"
if [ "${entered_ip}" = "${used_ip}" ]; then
post_msg "Warning: Existing jail ${jailname} is already assigned IP address ${entered_ip}"
***************
*** 192,197 ****
--- 196,203 ----
# loop through the list of ip addresses from the input
for entered_ip in ${entered_ip_list}; do
+ # Strip any embedded leading / trailing "<if_device>|" and "/<netmask>" components
+ entered_ip="${entered_ip#*|}"; entered_ip="${entered_ip%/*}"
# Loop through the list of jail names from global definition directory.
for jailname in ${global_jailname_list}; do
***************
*** 208,213 ****
--- 214,221 ----
existing_jail_ip_list=`echo -n "${ip6}" | tr ',' ' '`
for used_ip in ${existing_jail_ip_list}; do
+ # Strip any embedded leading / trailing "<if_device>|" and "/<netmask>" components
+ used_ip="${used_ip#*|}"; used_ip="${used_ip%/*}"
if [ "${entered_ip}" = "${used_ip}" ]; then
post_msg "Warning: Existing jail ${jailname} is already assigned IP address ${entered_ip}"
***************
*** 562,570 ****
duplicate_count=000
! shift; while getopts f:a:n:d:i:z:4:6:c arg; do case ${arg} in
f) flavor=${OPTARG};;
a) fromarchive=${OPTARG};;
n) nic_devicename=${OPTARG};;
d) duplicate_times=${OPTARG};;
i) imagesize=${OPTARG}; create_image="YES";;
--- 570,579 ----
duplicate_count=000
! shift; while getopts f:a:m:n:d:i:z:4:6:c arg; do case ${arg} in
f) flavor=${OPTARG};;
a) fromarchive=${OPTARG};;
+ m) manual_network_definition="YES";;
n) nic_devicename=${OPTARG};;
d) duplicate_times=${OPTARG};;
i) imagesize=${OPTARG}; create_image="YES";;
***************
*** 612,623 ****
kill "Numeric jail names are invalid. Jail name ${jailname}"
fi
! # Verify the entered interface device name really exists.
! if [ "${nic_devicename}" ]; then
! nic_name=`ifconfig | grep -m 1 ${nic_devicename} | cut -f 1 -d :`
! [ -z ${nic_name} ] \
! && kill "Entered -n interface device name is not valid."
! fi
# Check that -c and -f ssh-default are not coded at same time.
[ "${flavor}" = "ssh-default" -a -n "${create_ssh}" ] \
--- 621,655 ----
kill "Numeric jail names are invalid. Jail name ${jailname}"
fi
! # Check for empty fields "|<ip>" and "<ip>/" within the ip.addr. They are not allowed (jail will fail to start).
! [ "$(echo ",$ip4, && ,$ip6," | grep ",|\|/,")" ] \
! && kill "Bad -4 or -6 syntax. An ip address cannot have empty \"<iface>|\" or \"/<subnet>\" fields embedded within it."
!
! # Create a merged list of all interfaces. Duplicates don't need to be checked twice, so are discarded.
! interfaces="$(echo ",$nic_devicename| && ,$ip4 && ,$ip6" | grep -o ",[[:alnum:]]\+|" | sed 's/[,|]//g' | sort -u)"
!
! # Verify each of the entered interface(s) exist.
! for iface in $interfaces; do
! [ -z "$(ifconfig | grep -m 1 ${iface} | cut -f 1 -d :)" ] \
! && kill "The interface name \"$iface\" is not a valid / recognised ifconfig device on this machine."
! done
!
! # Do not auto-set the NIC field if there are any embedded "<nic>|" devices within the ip address string.
! [ "$(echo "$ip4 && $ip6" | grep "|")" ] && manual_network_definition="1"
!
! if [ -z "$nic_devicename" -a -z "$manual_network_definition" ]; then
! # when no "-n <nic-devicename>", no "|" embedded iface in ip.addr, and no "-m" manual network definition
!
! if [ "$ip4" ]; then
! # get the nic device name from the ipv4 default route (or "" if the default route is not set)
! nic_devicename="$(route get -inet default 2> /dev/null | grep -o "interface.*" | cut -d ' ' -f 2)"
! fi
!
! if [ -z "$nic_devicename" -a -n "$ip6" ]; then
! # get the nic device name from the ipv6 default route (or "" if the default route is not set)
! nic_devicename="$(route get -inet6 default 2> /dev/null | grep -o "interface.*" | cut -d ' ' -f 2)"
! fi
! fi
# Check that -c and -f ssh-default are not coded at same time.
[ "${flavor}" = "ssh-default" -a -n "${create_ssh}" ] \
***************
*** 1302,1308 ****
temp_ips="vnet|${vnet}"
print_nic="${vnet_interface}"
else
! temp_ips="none"
fi
else
if [ -n "${ip4}" ]; then
--- 1334,1340 ----
temp_ips="vnet|${vnet}"
print_nic="${vnet_interface}"
else
! temp_ips="-"
fi
else
if [ -n "${ip4}" ]; then
***************
*** 1327,1340 ****
unset multiple_ip
for print_ips in ${temp_ips}; do
if [ -z "${multiple_ip}" ]; then
! printf "%-3s %-4s %-3s %-15s %s\\n" "${state}" "${jid:-N/A}" "${print_nic}" "${print_ips}" "${jailname}"
! log_record=`printf "%-3s %-4s %-3s %-15s %s\\n" "${state}" "${jid:-N/A}" "${print_nic}" "${print_ips}" "${jailname}"`
multiple_ip=yes
- else
unset jid
! printf " %-4s %s\\n" "${jid}" " ${print_ips}"
! log_record=`printf " %-4s %s\\n" "${jid}" " ${print_ips}"`
fi
if [ -f "${log}" ]; then
--- 1359,1387 ----
unset multiple_ip
for print_ips in ${temp_ips}; do
+ # print_ips (plural) aught to be renamed to "print_ip" (singular)
+
+ # Print the NIC column correctly for the new embedded format "<iface>|<ip>"
+ # Determine which NIC to display allongside each IP address.
+
+ # -n "<iface>" setting is still valid. But takes lower priority than the embedded format.
+ print_nic="${nic_devicename}"
+
+ # If the device name prefix string "<iface>|"<ip> is explicitly embedded into this ip address
+ if [ "$(echo "$print_ips" | grep "|")" ]; then
+ # Then move the leading "<iface>" component over into the NIC field
+ print_nic="${print_ips%|*}"
+ print_ips="${print_ips#*|}" # rather than show it inside the IP address column
+ fi
+
if [ -z "${multiple_ip}" ]; then
! printf "%-3s %-4s %-3s %-15s %s\\n" "${state}" "${jid:--}" "${print_nic:--}" "${print_ips}" "${jailname}"
! log_record=`printf "%-3s %-4s %-3s %-15s %s\\n" "${state}" "${jid:--}" "${print_nic:--}" "${print_ips}" "${jailname}"`
multiple_ip=yes
unset jid
! else
! printf " %-3s %s\\n" "${print_nic:--}" "${print_ips}"
! log_record=`printf " %-3s %s\\n" "${print_nic:--}" "${print_ips}"`
fi
if [ -f "${log}" ]; then
***************
*** 2969,2974 ****
--- 3016,3035 ----
[ -n "${vnet}" ] && \
kill "Error: IP address invalid for vnet Jails. ${jailname}"
+ # Check for empty fields "|<ip>" and "<ip>/" within the ip.addr. They are not allowed (jail will fail to start).
+ [ "$(echo ",$new_ip4, && ,$new_ip6," | grep ",|\|/,")" ] \
+ && kill "Bad -4 or -6 syntax. An ip address cannot have empty \"<iface>|\" or \"/<subnet>\" fields embedded within it."
+
+ # Create a merged list of all interfaces. Duplicates don't need to be checked twice, so are discarded.
+ [ "$new_nic" = "null" ] || verify_new_nic="$new_nic"
+ interfaces="$(echo ",$verify_new_nic| && ,$new_ip4 && ,$new_ip6" | grep -o ",[[:alnum:]]\+|" | sed 's/[,|]//g' | sort -u)"
+
+ # Verify each of the entered interface(s) exist.
+ for iface in $interfaces; do
+ [ -z "$(ifconfig | grep -m 1 ${iface} | cut -f 1 -d :)" ] \
+ && kill "The interface name \"$iface\" is not a valid / recognised ifconfig device on this machine."
+ done
+
if [ "${new_ip4}" ]; then
if [ "${new_ip4}" = "null" ]; then
unset ip4
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment